CVE-2019-19697

Опубликовано: 18 янв. 2020

Источник: nvd

CVSS3: 6.7

CVSS2: 7.2

EPSS Низкий

Описание

An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability.

Ссылки

http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txt
Exploit
Third Party Advisory
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspx
Vendor Advisory
https://seclists.org/bugtraq/2020/Jan/29
Exploit
Mailing List
Third Party Advisory
http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-SECURITY-CONSUMER-SECURITY-BYPASS-PROTECTED-SERVICE-TAMPERING.txt
Exploit
Third Party Advisory
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1124090.aspx
Vendor Advisory
https://seclists.org/bugtraq/2020/Jan/29
Exploit
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:trendmicro:antivirus_\+_security_2019:15.0:*:*:*:*:*:*:*

cpe:2.3:a:trendmicro:internet_security_2019:15.0:*:*:*:*:*:*:*

cpe:2.3:a:trendmicro:maximum_security_2019:15.0:*:*:*:*:*:*:*

cpe:2.3:a:trendmicro:premium_security_2019:15.0:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00293

Низкий

6.7 Medium

CVSS3

7.2 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-6q97-f52c-7p26